beta.eva.aft.amazon.dev
Open in
urlscan Pro
2600:9000:214f:b800:3:d61:2d00:93a1
Public Scan
Submission Tags: @phishunt_io
Submission: On November 21 via api from ES
Summary
TLS certificate: Issued by Amazon on November 20th 2020. Valid for: a year.
This is the only time beta.eva.aft.amazon.dev was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
5 | 2600:9000:214... 2600:9000:214f:b800:3:d61:2d00:93a1 | 16509 (AMAZON-02) (AMAZON-02) | |
1 1 | 52.49.70.147 52.49.70.147 | 16509 (AMAZON-02) (AMAZON-02) | |
1 2 | 52.94.220.70 52.94.220.70 | 16509 (AMAZON-02) (AMAZON-02) | |
6 | 3 |
ASN16509 (AMAZON-02, US)
beta.eva.aft.amazon.dev |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-70-147.eu-west-1.compute.amazonaws.com
internal-cdn.amazon.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
amazon.dev
beta.eva.aft.amazon.dev |
140 KB |
3 |
amazon.com
2 redirects
internal-cdn.amazon.com midway-auth.amazon.com |
2 KB |
6 | 2 |
Domain | Requested by | |
---|---|---|
5 | beta.eva.aft.amazon.dev |
beta.eva.aft.amazon.dev
|
2 | midway-auth.amazon.com |
1 redirects
beta.eva.aft.amazon.dev
|
1 | internal-cdn.amazon.com | 1 redirects |
6 | 3 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
beta.eva.aft.amazon.dev Amazon |
2020-11-20 - 2021-12-19 |
a year | crt.sh |
midway-auth.dub.amazon.com Amazon |
2020-05-17 - 2021-05-02 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://beta.eva.aft.amazon.dev/
Frame ID: 4AA4357CFF858E12F7E2CC506ADB3FED
Requests: 8 HTTP requests in this frame
Screenshot
Detected technologies
Amazon Web Services (PaaS) ExpandDetected patterns
- headers via /\(CloudFront\)$/i
- headers server /^AmazonS3$/i
Amazon Cloudfront (CDN) Expand
Detected patterns
- headers via /\(CloudFront\)$/i
Amazon S3 (Miscellaneous) Expand
Detected patterns
- headers server /^AmazonS3$/i
Essential JS 2 () Expand
Detected patterns
- html /<[^<]+class="[^"]*[^-](?:e-control|e-lib)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 6- https://internal-cdn.amazon.com/badgephotos.amazon.com/?uid=shpakav HTTP 307
- https://midway-auth.amazon.com/SSO/redirect?redirect_uri=https%3A%2F%2Finternal-cdn.amazon.com%2Fbadgephotos.amazon.com%2F%3Fuid%3Dshpakav&client_id=https%3A%2F%2Finternal-cdn.amazon.com%3A443&scope=openid&response_type=id_token&nonce=71b4fab7aa5bb8a5f7e1f8b032c4f1e6c6639bad68d9ef8e2119911c9615067b&sentry_handler_version=midwaygateway&response_mode=query&state=%2Fbadgephotos.amazon.com%2F%3Fuid%3Dshpakav HTTP 302
- https://midway-auth.amazon.com/login?next=%2FSSO%2Fredirect%3Fredirect_uri%3Dhttps%253A%252F%252Finternal-cdn.amazon.com%252Fbadgephotos.amazon.com%252F%253Fuid%253Dshpakav%26client_id%3Dhttps%253A%252F%252Finternal-cdn.amazon.com%253A443%26scope%3Dopenid%26response_type%3Did_token%26nonce%3D71b4fab7aa5bb8a5f7e1f8b032c4f1e6c6639bad68d9ef8e2119911c9615067b%26sentry_handler_version%3Dmidwaygateway%26response_mode%3Dquery%26state%3D%252Fbadgephotos.amazon.com%252F%253Fuid%253Dshpakav&noauth=1&require_digital_identity=false
6 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
beta.eva.aft.amazon.dev/ |
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2.926692ae.chunk.css
beta.eva.aft.amazon.dev/static/css/ |
159 KB 82 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.ca644363.chunk.css
beta.eva.aft.amazon.dev/static/css/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2.422f057c.chunk.js
beta.eva.aft.amazon.dev/static/js/ |
173 KB 54 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.9082ddc4.chunk.js
beta.eva.aft.amazon.dev/static/js/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
18 KB 18 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
18 KB 18 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login
midway-auth.amazon.com/ Redirect Chain
|
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
Verdicts & Comments Add Verdict or Comment
11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| webpackJsonp@amzn/river_event_ui object| awsuiVersions0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
beta.eva.aft.amazon.dev
internal-cdn.amazon.com
midway-auth.amazon.com
2600:9000:214f:b800:3:d61:2d00:93a1
52.49.70.147
52.94.220.70
24c1539f8b1c267f2e4a9ec4a7479bec293717ce6c57f89ceefb3d0c96a3688e
2c2891af5f78f93f44372f5781a75214ab2931a0fc1ad135e7d3ad034616ebfa
a1c369504c226f953811f623d4cd59e712435c886f0a321b608688209bb78aaf
cd3f588bbc003904e4a01431a71462f5fc44c813371a5615431b308ea2346ebd
dcb66f4c72cbb106361addf2b33979eb47230a5694fb5325c3802d8932488903
dd22b81b898eb407a56ff6b2ac75c7739745331c8b790e83e7dde68966fc16ce
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f9a440f6711adcf7b5ed396266ce81d553ccbb3c0df6285f2550dc4014d3504b